路由的多个中间件不起作用

I'm using Laravel 5.5.

I created 4 middlewares, one middleware by user role.

The admin has same rights as the employee. However, admin owns some more privileges.

Routing File:

Route::group(['prefix' => 'admin'], function() {

    // EMPLOYEE AND ADMIN ROUTES
    Route::group(['middleware' => ['admin', 'employe']], function() {
         Route::get('showCreationSeance', 'AdministrationController@showCreationSeance');
         Route::get('showAjoutCoach', 'AdministrationController@showAjoutCoach');
         Route::get('showReservationClient', 'AdministrationController@showReservationClient');
         Route::get('showAnnulationClient', 'AdministrationController@showAnnulationClient');

         Route::post('creerSeance', 'AdministrationController@creerSeance')->name('admin/creerSeance');
         Route::post('ajouterCoach', 'AdministrationController@ajouterCoach')->name('admin/ajouterCoach');
    });

    // ADMIN ROUTES
    Route::group(['middleware' => 'admin'], function() {
         Route::get('showCreationActivite', 'AdministrationController@showCreationActivite');
         Route::get('showAjoutEmploye', 'AdministrationController@showAjoutEmploye');

         Route::post('creerActivite', 'AdministrationController@creerActivite')->name('admin/creerActivite');
         Route::post('ajouterEmploye', 'AdministrationController@ajouterEmploye')->name('admin/ajouterEmploye');
     });
});

Middlewares:

class AdminMiddleware
{
    public function handle($request, Closure $next)
    {
        $user = User::getUser(Auth::user()->id_utilisateur);

        if(!$user->estAdmin()) {
            throw new AuthorizationException();
        }

        return $next($request);
    }
}

class EmployeMiddleware
{
    public function handle($request, Closure $next)
    {
        $user = User::getUser(Auth::user()->id_utilisateur);

        if(!$user->estEmploye()) {
            throw new AuthorizationException();
        }

        return $next($request);
    }
}

Methods used into middlewares:

public function estAdmin() {
    $idStatutAdmin = Statut::select('id_statut')
        ->where('nom_statut', '=', 'ROLE_ADMIN')
        ->first();

    return ($idStatutAdmin->id_statut == $this->id_statut) ? true : false;
}

public function estEmploye() {
    $idStatutEmployee = Statut::select('id_statut')
        ->where('nom_statut', '=', 'ROLE_EMPLOYEE')
        ->first();

    return ($idStatutEmployee->id_statut == $this->id_statut) ? true : false;
}

Stack Trace:

Illuminate\Foundation\Exceptions\Handler render
…/app/Exceptions/Handler.php 51

Illuminate\Auth\Access\AuthorizationException 
…/app/Http/Middleware/AdminMiddleware.php 25

Illuminate\Foundation\Http\Kernel handle
…/public/index.php 55

The problem: The routes defined for admin and employee didn't work and I get an error:

Symfony \ Component \ HttpKernel \ Exception \ AccessDeniedHttpException

No message

While routes for admin only work perfectly. Can you tell me if I'm doing this correctly?

When I'm connected as an admin, it is EmployeMiddleware which throw an error. And when I'm connected as employee, it is AdminMiddleware which throw an error.

Thank's for your help!

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

dongyuelian9602 2018-01-03 17:12

关注

The user has the id_statut column which can only be ROLE_ADMIN or ROLE_EMPLOYEE. Take the following example:

$roles = [
    'admin' => 2,
    'employee' => 1
];

$user = [
    'id_statut' => 1
];

if ($user['id_statut'] == $roles['employee']) {
    // User is an employee - this code will execute
}
if ($user['id_statut'] == $roles['admin']) {
    // User is not an admin - this code will NOT execute
}
if ($user['id_statut'] == $roles['employee'] && $user['id_statut'] == $roles['employee']) {
    // User is an employee AND an admin
    // This is impossible based on your database structure as id_statut cannot be both 1 and 2
}

An easy solution would be to check if the user is an employee or higher permission in estEmploye(). For example:

public function estEmploye() {
    $idStatutEmployee = Statut::select('id_statut')
        ->where('nom_statut', 'IN', ['ROLE_EMPLOYEE', 'ROLE_ADMIN'])
        ->get('id_statut');
    return in_array($this->id_status, $idStatutEmployee);
}

本回答被题主选为最佳回答 , 对您是否有帮助呢?

报告相同问题？

关注问题

php多个提交按钮不起作用 php
2013-08-01 10:26

回答 1 已采纳 <form action="add_post.php" method="POST" enctype="multipart/form-data"> You also need to
基于多个用户角色的路由级别的中间件 laravel php
2018-03-29 09:55

回答 3 已采纳 You need to implement one middleware and pass user types to it. Route::group(['middleware' =>
php redirect 重新定向不起作用 php
2021-06-29 16:47

回答 1 已采纳 111
PHP框架Laravel中如何处理路由和中间件
2024-04-22 14:20

代码奇幻之旅的博客在Laravel中，路由和中间件是两个非常重要的概念，它们对于控制应用程序的流程和安全性至关重要。除了上述基本路由类型外，Laravel还提供了其他高级路由功能，如路由参数、路由组、路由中间件等，它们可以帮助你更...
Laravel选项路由参数不起作用 laravel php
2016-06-07 04:37

回答 1 已采纳 Request instance must be the first one public function out(Request $request, $param1, $param2 = '
Slim 3重定向路由循环不起作用 php
2018-06-09 06:53

回答 1 已采纳 To allow the function to access the $url from outside of it's own scope, you could use function()
php资源路由值修改不了 php 有问必答
2021-05-27 19:31

回答 2 已采纳跳转到edit页面之后是否有将数据填充到表单内？
ThinkPHP 多应用模式之Api路由分组+中间件
2023-01-03 17:57

JSON_L的博客 ThinkPHP 6.1 在多应用模式下实现API路由分组+中间件验证业务
Fat Free框架动态路由不起作用 php
2017-07-12 13:16

回答 1 已采纳 @AlexB, what error are you getting? However, you need to pick up the variable from the URL before
Laravel 5.2路由，可选参数不起作用 laravel php
2016-09-07 13:54

回答 1 已采纳 Change: public function getGlobalData(Request $request, $part){ to: public function getGlobalD
Laravel 5控制器路由不起作用 php
2015-04-06 09:28

回答 3 已采纳 First of all you should follow the instructions from James Njuguna in a comment to your question.
基于Laravel 多个中间件的执行顺序详解
2020-10-16 04:06

当一个路由或控制器动作需要使用多个中间件时，这些中间件的执行顺序就显得尤为重要。接下来，我们将详细探讨Laravel中多个中间件的执行顺序，以及如何控制它们的执行顺序。首先，我们需要了解Laravel在全局和局部...
php路由中间件,lumen5.5学习路由和中间件（四）
2021-04-22 00:29

华雯婷的博客仔细学习下路由和中间件的玩法----------------------------------分割线--------------------------------路由基本用法可以参考中文文档的路由，要注意的是1)$app要换成$route2)namespace不需要写全，5.5新版本会...
Wayfinder:一个简单PHP路由框架
2021-03-05 05:51

**Wayfinder：一个简单PHP路由框架** 在Web开发中，路由是至关重要的组成部分，它负责将用户的HTTP请求映射到相应的处理程序，如控制器或函数。Wayfinder是一个为PHP设计的轻量级路由框架，旨在简化这个过程，帮助...
php url路由入门实例
2020-12-19 16:16

例如，`^view-([0-9]+)\.html$`是一个正则表达式，匹配以`view-`开头，后跟一个或多个数字的字符串，并将匹配的数字捕获为 `$1`。 - `RewriteRule`配置参数： - `R`：强制外部重定向，使浏览器显示新的URL。 - `F...
没有解决我的问题, 去提问

悬赏问题

¥15 乌班图ip地址配置及远程SSH
¥15 怎么让点阵屏显示静态爱心，用keiluVision5写出让点阵屏显示静态爱心的代码，越快越好
¥15 PSPICE制作一个加法器
¥15 javaweb项目无法正常跳转
¥15 VMBox虚拟机无法访问
¥15 skd显示找不到头文件
¥15 机器视觉中图片中长度与真实长度的关系
¥15 fastreport table 怎么只让每页的最下面和最顶部有横线
¥15 java 的protected权限，问题在注释里
¥15 这个是哪里有问题啊？

码龄粉丝数原力等级 --

路由的多个中间件不起作用

1条回答默认最新

码龄粉丝数原力等级 --

悬赏问题

路由的多个中间件不起作用

1条回答 默认 最新

悬赏问题

1条回答默认最新